Vulnerabilities in curl 8.4.0
curl version 8.4.0 was released on October 11 2023. The following 4 security problems are known to exist in this version.
Flaw | From version | To and including |
---|---|---|
HTTP/2 push headers memory-leak | 7.44.0 | 8.6.0 |
Usage of disabled protocol | 7.85.0 | 8.6.0 |
HSTS long file name clears contents | 7.84.0 | 8.4.0 |
cookie mixed case PSL bypass | 7.46.0 | 8.4.0 |
CVE data for 8.4.0 provided as JSON.
See vulnerability summary for the previous release: 8.3.0 or the subsequent release: 8.5.0